Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211) |
Informations | |||
---|---|---|---|
Name | MS10-080 | First vendor Publication | 2010-10-12 |
Vendor | Microsoft | Last vendor Modification | 2010-10-12 |
Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves thirteen privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-080.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
92 % | CWE-20 | Improper Input Validation |
8 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6727 | |||
Oval ID: | oval:org.mitre.oval:def:6727 | ||
Title: | Merge Cell Record Pointer Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3237 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6737 | |||
Oval ID: | oval:org.mitre.oval:def:6737 | ||
Title: | Lotus 1-2-3 Workbook Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3233 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6738 | |||
Oval ID: | oval:org.mitre.oval:def:6738 | ||
Title: | Out-of-Bounds Memory Write in Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3241 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6872 | |||
Oval ID: | oval:org.mitre.oval:def:6872 | ||
Title: | Negative Future Function Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3238 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6902 | |||
Oval ID: | oval:org.mitre.oval:def:6902 | ||
Title: | Ghost Record Type Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3242 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7028 | |||
Oval ID: | oval:org.mitre.oval:def:7028 | ||
Title: | Formula Biff Record Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3235 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7042 | |||
Oval ID: | oval:org.mitre.oval:def:7042 | ||
Title: | Excel Record Parsing Integer Overflow Vulnerability | ||
Description: | Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3230 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7196 | |||
Oval ID: | oval:org.mitre.oval:def:7196 | ||
Title: | Real Time Data Array Record Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3240 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7209 | |||
Oval ID: | oval:org.mitre.oval:def:7209 | ||
Title: | Out Of Bounds Array Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out Of Bounds Array Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3236 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7475 | |||
Oval ID: | oval:org.mitre.oval:def:7475 | ||
Title: | Excel Record Parsing Memory Corruption Vulnerability | ||
Description: | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3231 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7555 | |||
Oval ID: | oval:org.mitre.oval:def:7555 | ||
Title: | Formula Substream Memory Corruption Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3234 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7575 | |||
Oval ID: | oval:org.mitre.oval:def:7575 | ||
Title: | Excel File Format Parsing Vulnerability | ||
Description: | Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3232 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7616 | |||
Oval ID: | oval:org.mitre.oval:def:7616 | ||
Title: | Extra Out of Boundary Record Parsing Vulnerability | ||
Description: | Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3239 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 1 | |
Application | 2 | |
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-10-13 | Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211) File : nvt/secpod_ms10-080.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68573 | Microsoft Office Excel File Unspecified Record Parsing Remote Integer Overflow Microsoft Office Excel is prone to an overflow condition. The program suffers from a sign-extension error and integer overflow error which may be further exploited to cause a heap-based buffer overflow. With a specially crafted Excel file with crafted record information, a context-dependent attacker can potentially execute arbitrary code. |
68572 | Microsoft Office Excel Formula Record Parsing Memory Corruption (2010-3231) A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing Formula records, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68571 | Microsoft Office Excel File Format Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information with certain format parsing, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68570 | Microsoft Office Excel Lotus 1-2-3 Workbook Parsing Remote Overflow Microsoft Office Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted Lotus 1-2-3 (.wk3) file with an overly long crafted record, a context-dependent attacker can potentially execute arbitrary code. |
68569 | Microsoft Office Excel Formula Substream Record Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing Formula Substream records, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68568 | Microsoft Office Excel Formula Biff Record Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating formula information with a dangling pointer, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68567 | Microsoft Office Excel Out Of Bounds Array Handling Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68566 | Microsoft Office Excel Merge Cell Record Pointer Handling Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68565 | Microsoft Office Excel Negative Future Function Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating binary file-format information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68564 | Microsoft Office Excel PtgExtraArray Structure Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when processing Extra Out of Boundary records, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68563 | Microsoft Office Excel RealTimeData Record Array Parsing Remote Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68562 | Microsoft Office Excel Out-of-Bounds Memory Write in Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating binary file-format information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code. |
68561 | Microsoft Office Excel Ghost Record Type Parsing Remote Code Execution Microsoft Office Excel contains a flaw that may allow a context-dependent attacker to execute arbitrary commands or code. The issue is due to missing input validation in a conversion routine when parsing a certain record type and can be exploited to corrupt memory outside the bounds of an allocated heap buffer via an overly large range specified by two record fields in a crafted Excel document, which may allow the attacker to execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39347 - Revision : 2 - Type : FILE-OFFICE |
2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39346 - Revision : 2 - Type : FILE-OFFICE |
2016-07-08 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39158 - Revision : 1 - Type : FILE-OFFICE |
2016-07-08 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39157 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel CrErr record integer overflow attempt RuleID : 37246 - Revision : 1 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31476 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31475 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31474 - Revision : 3 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 31473 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MergeCells record parsing code execution attempt RuleID : 21415 - Revision : 10 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MergeCells record parsing code execution attempt RuleID : 21414 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MergeCells record parsing code execution attempt RuleID : 20130 - Revision : 6 - Type : SPECIFIC-THREATS |
2014-01-10 | Microsoft Office Excel PtgExtraArray parsing attempt RuleID : 19154 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt RuleID : 19134 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 18806 - Revision : 20 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 18538 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgName invalid index exploit attempt RuleID : 17764 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel GhostRw record exploit attempt RuleID : 17763 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Excel corrupted TABLE record clean up exploit attempt RuleID : 17762 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 17760 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel invalid SerAr object exploit attempt RuleID : 17759 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt RuleID : 17758 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel CrErr record integer overflow attempt RuleID : 17757 - Revision : 16 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_oct2010.nasl - Type : ACT_GATHER_INFO |
2010-10-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Office Ex... File : smb_nt_ms10-080.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-11-16 21:25:22 |
|
2014-02-17 11:46:44 |
|
2014-01-19 21:30:32 |
|